Lucidchart is a web-based diagramming application that allows users to visually collaborate on drawing, revising and sharing charts and diagrams. It also helps users improve processes, systems, and organizational structures. See https://www.lucidchart.com. You can protect access to Lucidchart by integrating Lucidchart with Identity as a Service. Once integrated, users can use single sign-on to log in to their Lucidchart account through Identity as a Service.
Note: This integration was tested using Identity as a Service version 5.33 and Lucidchart Trial version December 2023. Other versions of Lucidchart may require integration and configuration steps that differ from those documented in this procedure. For other versions of Lucidchart, this integration guide may be used as an initial approach for integrating Lucidchart. In the event of other issues, contact support@entrust.com for assistance.
Before you begin, open two browser windows. In one window, log in to your Lucidchart Administrator account. In the other window, log in to your IDaaS administrator account.
Download the metadata from Lucidchart
Log in to Lucidchart. The Team Spaces page appears.
Click Admin in the menu pane. The Admin page appears.
Click App integration > General. The App integrations page appears.
Click SAML Settings. The Activation page appears.
Scroll to and click Download metadata.
Save the metadata file.
Leave this page open to return to in Step 5: Configure Lucidchart for Identity as a Service authentication.
Add Lucidchart as an application to Identity as a Service
Log in to your Identity as a Service administrator account.
Click the menu icon > Security > Applications. The Applications Lists page appears.
Click Add. The Select an Application Template page appears.
Do one of the following:
Select SAML Cloud Integrations from the search drop-down list and scroll to find the application you want to add to IDaaS.
- or -
In the Search bar, enter a search option to filter for the application you want to add to IDaaS.
Click Lucidchart. The Add Lucidchart page appears.
Enter an Application Name.
Enter an Application Description.
Optional. Add a custom application logo.
Click the icon next to Application Logo. The Upload Logo dialog box appears.
Click the icon to select an image file to upload.
Browse to select your file and click Open. The Upload Logo dialog box reappears showing your selected image.
If required, resize your image.
Click OK.
Select the Authentication Flow that appears to users during login.
Click Next. The General page appears.
Click the icon next to Upload Metadata XML and browse to the location of the metadata file you downloaded. The Metadata Configuration dialog box appears.
If required, click Merge with existing values to merge new values with existing values for Alternative Assertion Consumer Services URLs and SAML attribute names.
Click Save.
Enter the SAML Session Timeout to set the time after which the SAML assertion times out. The maximum is 720 minutes.
Enter the Max Authentication Age (seconds) to set the maximum amount of time that can elapse before a user is required to reauthenticate during a new login attempt. This applies for both SP-initiated and IDP-initiated login. Set this field to -1 to disable this feature.
From the SAML NameID Attribute drop-down list, select User ID.
From the SAML NameID Encoding Format drop-down list, select Unspecified.
Select the SAML Signing Certificate.
Deselect Enable Go Back Button if you do not want users to be able to go back to the Lucidchart login page to log in.
Add Alternative Assertion Consumer Service URLs, as follows:
Click Add.
Enter lucidchart1 in the Name field.
Enter the following URL in the Value field:
https://lucid.app/saml/sso/<Entrust> where <Entrust> is your app name.
Select Show in My Profile to display the Alternative Consumer Service URL in a user's My Profile page.
Optional. Add an Application Logo.
Click Add.
Select Show Default Assertion Consumer URL Service in the My Profile. When selected, the Default Assertion Consumer URL appears in a user's My Profile page in addition to relay states and Alternative Assertion Consumer URLs.
Add SAML Attributes as follows:
Under SAML Attributes, click Add. The SAML Attributes dialog box appears.
In the Name field enter First Name.
Click Add next to Value(s).
In the Values field, type < and select First Name.
Click Add.
Repeat this procedure to add the following additional user attributes:
Last Name
Leave the remaining settings at the default values.
Click Submit.
Download the Metadata file from Identity as a Service
In Identity as a Service, click the menu icon > Security > Applications. The Applications List page appears.
Do one of the following:
Click the icon next to the application you are integrating with Identity as a Service.
–or–
Click the icon next to the application you are integrating with Identity as a Service and select SAML IDP Metadata.
The SAML Application Metadata dialog box appears.
Select the certificate to include in the SAML IDP Metadata file from the drop-down list.
If applicable, select the domain to include in the SAML IDP Metadata file from the drop-down list.
Enter the Lifetime, in days, for the SAML IDP Metadata file. The value must be between 2 and 730.
Do one of the following, as required:
Copy the Public Endpoint to paste into the SAML application being used for Identity Provider authentication.
Click Download.
Note: If you are using multiple domains, you must download each domain's metadata file separately because the values in the metadata file vary for each domain.
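A pre-upload check for the IdP metadata file downloaded in this step, as an added example (not Entrust or Lucidchart code): it flags non-HTTPS sign-on endpoints, a missing signing certificate, and a file close to expiry. It assumes the Lifetime value appears in the file as the standard SAML `validUntil` attribute; the function name, the 30-day threshold and the sample host are hypothetical.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample, not real IDaaS output: host and certificate are placeholders.
SAMPLE_IDP_METADATA = """<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://idp.example.test/saml" validUntil="2030-01-31T00:00:00Z">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Location="https://idp.example.test/saml/sso"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def check_idp_metadata(xml_text, now, min_days_left=30):
    """Return (summary, problems) for one SAML IdP metadata document."""
    # SAML metadata never needs a DTD; refuse it before parsing.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD or entity declaration in metadata")
    root = ET.fromstring(xml_text)
    summary = {"entity_id": root.get("entityID"), "sso": [], "days_left": None}
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        return summary, ["no IDPSSODescriptor: this is not IdP metadata"]
    problems = []
    for svc in idp.findall("md:SingleSignOnService", NS):
        url = svc.get("Location", "")
        summary["sso"].append(url)
        if not url.startswith("https://"):
            problems.append(f"non-HTTPS SSO endpoint: {url}")
    certs = [c for k in idp.findall("md:KeyDescriptor", NS)
             if k.get("use") in (None, "signing")
             for c in k.iterfind(".//ds:X509Certificate", NS) if (c.text or "").strip()]
    if not certs:
        problems.append("no signing certificate")
    if root.get("validUntil"):  # assumed to carry the Lifetime chosen at download
        until = datetime.fromisoformat(root.get("validUntil").replace("Z", "+00:00"))
        until = until if until.tzinfo else until.replace(tzinfo=timezone.utc)
        summary["days_left"] = (until - now).days
        if summary["days_left"] < min_days_left:
            problems.append(f"metadata expires in {summary['days_left']} days")
    return summary, problems
```

Pass a timezone-aware `now`, and run the check once per domain's file when multiple domains are in use, since each file carries different values.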
Configure Lucidchart for Identity as a Service authentication
Return to the Lucidchart SAML Activation page you left open in Step 1: Download the metadata from Lucidchart.
In the Domain field enter the domain name for SSO, for example Entrust.
Click Add identity provider and browse to select the metadata file that you downloaded in Step 4: Download the metadata file from Identity as a Service.
Select the metadata file you downloaded in Step 4: Download the metadata file from Identity as a Service.
Click Save changes.
Click Test SAML connection. You should be redirected to the IDaaS login page.
Test Service Provider login
Open a web browser and enter the URL of Lucidchart.
Click Single sign-on. You are redirected to Identity as a Service.
Log in to IDaaS.
Respond to the second-factor authentication challenge. If you respond successfully, you are logged in to Lucidchart.
Test Identity as a Service redirect login
Log in to your Identity as a Service account.
Go to your My Profile page if you are not already there.
Under Applications, click Lucidchart.
Respond to the second-factor authentication challenge. If you respond successfully, you are logged in to Lucidchart.